Fraud Prevention

Common Fraud Techniques

These are examples of common fraud schemes (not necessarily experienced by NEFCU members).
 
Advance Fee Scam
Many scams involve fees or other payments sent in advance. Here are some common scenarios:

  • Online sale asking you (the seller) to immediately refund purchase price "over payments" (which in fact are counterfeit payments, usually money orders).
  • Inheritance from a supposed long-lost relative.
  • Communication claiming you won the lottery in a foreign country.
  • Employment scams offering work permits for highly-paid jobs abroad.
  • Correspondence claiming that an authority figure (often in an African nation) needs help transferring large sums to U.S. accounts. If you agree to help, you are promised a percentage of the funds.
  • Mystery shopper offer asking you to use funds to purchase a money gram sent to a specified person.

Communication About Fraud on Your Account
You get an email, phone call or text message informing you that fraud has been detected on your account. This communication may even appear to come from your own financial institution. You are asked to provide information, usually a credit card number or log in credentials, to resolve the supposed fraud or to prevent the account from being closed.

Impersonation of Family or Friend
Generally done by phone, the fraudster takes advantage of your desire to be helpful.  In a common version, you receive a call telling you that your grandchild needs money, sometimes with further explanation that they have been in an accident or arrested.  The fraudster asks you to wire or send money through Western Union, further advising "Don't tell Mom and Dad", so the grandchild won't get in trouble.

Online Sales Pitches for Security Products
You are presented with online offers for protective software (that will supposedly reduce your risk of online fraud).  The fraud may involve illegitimately capturing credit card information, or installing malicious software such as a keystroke logging program.

Phony Virus Warning or "Scareware"
You see a pop-up message on your computer that tells you your computer has a virus. The message may look similar to legitimate anti-virus software messages. In some case, the fraudster is trying to sell you bogus security software that does little or nothing. In other cases, this fraud may involve illegitimately capturing credit card information, or installing malicious software such as a keystroke logging program.  If you click to accept a download, you have likely allowed the installation of malicious software and and given control of your computer to the fraudster.

Purchase Confirmation

You receive an email or phone call whose purpose is supposedly to confirm your recent online purchase of a cell phone, laptop, TV or other product that you did not buy. The communication instructs you to make a contact if you did not make that purchase. From there your credit card information is requested.

Re-shipper or "Mule" Scam
You come across or receive a business proposition or job offer (usually proposing a work-at-home arrangement), where you are asked to be a re-shipper of goods or money orders.  You are asked to cash a check (which is fraudulent) or front the money to obtain merchandise, and then to ship it elsewhere.  The shipping address may even be a second unwitting victim, who re-ships again (inadvertently committing a crime).

Web Browser Infection (also known as “Man-in-the-Browser” Attack or Banking Trojan)
Your web browser may be compromised by a malicious software program (malware.)  When an infected web browser views financial web sites, the malware activates and can perform a number of fraudulent activities such as collecting private information, modifying transactions, and even configuring the way web pages are displayed so that what you see is not what the web site sent.  Common names for various types of man-in-the-browser malware include Zeus, URLzone, and SilentBanker.

Words of Advice

If something sounds too good to be true, it probably is!
Follow these common-sense guidelines:

  • Do not send money to someone you don't know or for something that is supposedly free.
  • Do not respond to an e-mail that asks you to share personal information.
  • Call the known number of a business when responding to instructions to make a call  (not a number given to you by a caller, or in an email).
  • When in doubt about an email, do not click any links.
  • Do not accept checks or money orders from people you do not know.

Resources

Identity Theft Resources   
Consumer Protection
Snopes.com -  This site helps to distinguish between truth and urban legend!